Ticket #5258 (closed defect: fixed)

Opened 4 years ago

Last modified 4 years ago

[with patch, positive review] escape html strings with cgi.escape instead of custom (and lacking) regexp

Reported by: jason Owned by: jason
Priority: major Milestone: sage-3.3
Component: notebook Keywords:
Cc: Work issues:
Report Upstream: Reviewers:
Authors: Merged in:
Dependencies: Stopgaps:

Description

See  http://groups.google.com/group/sage-devel/browse_thread/thread/3fd6f52b4b04108d for the discussion.

Attachments

trac_5258-escape-with-cgi.patch Download (5.8 KB) - added by jason 4 years ago.

Change History

Changed 4 years ago by jason

comment:1 Changed 4 years ago by jason

  • Summary changed from escape html strings with cgi.escape instead of custom (and lacking) regexp to [with patch, needs review] escape html strings with cgi.escape instead of custom (and lacking) regexp

comment:2 Changed 4 years ago by was

  • Summary changed from [with patch, needs review] escape html strings with cgi.escape instead of custom (and lacking) regexp to [with patch, positive review] escape html strings with cgi.escape instead of custom (and lacking) regexp

+1 and positive review!

comment:3 Changed 4 years ago by jason

  • Owner changed from boothby to jason
  • Status changed from new to assigned

comment:4 Changed 4 years ago by mabshoff

  • Status changed from assigned to closed
  • Resolution set to fixed

Merged in Sage 3.3.rc1.

Cheers,

Michael

comment:5 Changed 4 years ago by was

I blew it on this review -- there is a major major bug in this patch in that it uses escape in twist.py but does *not* import it!! See #5358.

comment:6 Changed 4 years ago by jason

Well, I blew it even more by writing the error in the patch!

Note: See TracTickets for help on using tickets.